Tag: open-source
-
Microsoft uses AI to find flaws in GRUB2, U-Boot, Barebox bootloaders
in SecurityNews
Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders.
First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/microsoft-uses-ai-to-find-flaws-in-grub2-u-boot-barebox-bootloaders/
-
Triton RAT Uses Telegram for Remote System Access and Control
in SecurityNews
Cado Security Labs has uncovered a new Python-based Remote Access Tool (RAT) named Triton RAT, which leverages Telegram for remote system access and data exfiltration. This open-source malware, available on GitHub, is designed to execute a wide range of malicious activities, including credential theft, system control, and persistence establishment. Technical Overview: Triton RAT initiates its…
-
Exegol: Open-source hacking environment
in SecurityNews
Exegol is a community-driven hacking environment, which helps users deploy hacking setups quickly and securely. It’s made for penetration testers, CTF players, bug …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2025/03/31/exegol-open-source-hacking-environment/
-
Evilginx Tool (Still) Bypasses MFA
in SecurityNews
Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens.
First seen on darkreading.com. Jump to article: www.darkreading.com/endpoint-security/evilginx-bypasses-mfa
-
Open-source developer fights back against AI scrapers with a self-written tool
in SecurityNews
First seen on t3n.de. Jump to article: t3n.de/news/tool-open-source-entwickler-gegen-ki-scraper-1680507/
-
Cloudflare open sources OPKSSH to bring Single Sign-On to SSH
in SecurityNews
Tags: open-source
OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2025/03/28/opkssh-sso-ssh/
-
Exim UseFree Vulnerability Enables Privilege Escalation
in SecurityNews
A significant security threat has been uncovered in Exim, a popular open-source mail transfer agent (MTA) widely used in Linux distributions. Identified as CVE-2025-30232, this vulnerability allows for a potentially severe form of exploitation known as a use-after-free (UAF). This type of bug can lead to privilege escalation, posing substantial risks for administrators and users…
-
Hottest cybersecurity open-source tools of the month: March 2025
in SecurityNews
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Hetty: Open-source …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2025/03/27/hottest-cybersecurity-open-source-tools-of-the-month-march-2025/
-
CoffeeLoader: A Brew of Stealthy Techniques
in SecurityNews
Introduction: Zscaler ThreatLabz has identified a new sophisticated malware family that we named CoffeeLoader, which originated around September 2024. The purpose of the malware is to download and execute second-stage payloads while evading detection by endpoint-based security products. The malware uses numerous techniques to bypass security solutions, including a specialized packer that utilizes the GPU, call…
-
Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks
in SecurityNews
Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply chain attacks targeting the open-source ecosystem. The packages in question are ethers-provider2 and ethers-providerz, with the former downloaded 73 times to date since it was published on First seen…
-
Malwoverview: First response tool for threat hunting
in SecurityNews
Malwoverview is an open-source threat hunting tool designed for the initial triage of malware samples, URLs, IP addresses, domains, malware families, IOCs, and hashes. …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2025/03/26/malwoverview-first-response-tool-threat-hunting/
-
Getting the Most Value Out of the OSCP: The PEN-200 Labs
in SecurityNews
Tags: access, ai, attack, compliance, container, cyber, cybersecurity, dns, docker, exploit, firewall, guide, hacking, Hardware, infrastructure, intelligence, jobs, kubernetes, microsoft, mitigation, network, open-source, oracle, penetration-testing, powershell, risk, security-incident, service, siem, skills, technology, tool, training, vmware, vulnerability, windows
How to leverage the PEN-200 simulated black-box penetration testing scenarios for maximal self-improvement and career success. Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements. I have not been sponsored or incentivized in any way to recommend or oppose any…
-
Security Onion 24.10 Released: Everything You Need to Know
in SecurityNews
Security Onion, a widely used open-source platform for network security monitoring, has recently released Security Onion 2.4.140. This latest update focuses on enhancing key components such as Suricata and Zeek, offering improved security and functionality to its users. Below is a breakdown of what’s new and how this release impacts security teams worldwide. Key Component…
-
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare
in SecurityNews
Tags: access, advisory, attack, cve, cvss, exploit, flaw, hacker, injection, kubernetes, mitigation, network, open-source, vulnerability, zero-day
Frequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare. Background: The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding IngressNightmare. FAQ: What is IngressNightmare? IngressNightmare is the name given to a series of vulnerabilities in the Ingress NGINX Controller…
-
Researchers raise alarm about critical Next.js vulnerability
in SecurityNews
The software defect in the widely used open-source JavaScript framework allows attackers to bypass middleware-based authorization.
First seen on cyberscoop.com. Jump to article: cyberscoop.com/nextjs-critical-vulnerability-open-source-vercel/
-
Critical flaw in Next.js lets hackers bypass authorization
in SecurityNews
A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks.
First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/critical-flaw-in-nextjs-lets-hackers-bypass-authorization/
-
Secure by Design Must Lead Software Development
in SecurityNews
Tags: awareness, cybersecurity, defense, office, open-source, programming, risk, software, supply-chain
Crossley of Schneider Electric Urges Supplier Scrutiny and Continuous Risk Review. To strengthen defenses, organizations must adopt secure-by-design practices, select mature open-source components and embed risk awareness throughout development, according to Cassie Crossley, vice president, supply chain security, cybersecurity and product security office, Schneider Electric.
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/secure-by-design-must-lead-software-development-a-27811
-
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
in SecurityNews
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined the…
-
Finders Keypers: Open-source AWS KMS key usage finder
in SecurityNews
Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2025/03/24/finders-keypers-open-source-aws-kms-key-usage-finder/
-
UAT-5918 ATP group targets critical Taiwan
in SecurityNews
Cisco Talos found UAT-5918, active since 2023, using web shells and open-source tools for persistence, info theft, and credential harvesting. Cisco Talos uncovered UAT-5918, an info-stealing threat actor active since 2023, using web shells and open-source tools for persistence and credential theft. The APT UAT-5918 targets Taiwan, exploiting N-day vulnerabilities in unpatched servers for long-term…
-
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed
in SecurityNews
The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope. “The payload was focused on exploiting the public CI/CD flow of one of their open source projects agentkit, probably with the purpose of leveraging it for further compromises,”…
-
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
in SecurityNews
The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope. “The payload was focused on exploiting the public CI/CD flow of one of their open source projects agentkit, probably with the purpose of leveraging it for further compromises,”…
-
CVE-2025-24813: Apache Tomcat Vulnerable to RCE Attacks
in SecurityNews
Introduction: CVE-2025-24813 was originally published on March 10 with a medium severity score of 5.5, and Apache Tomcat released an update to fix it. On March 12, the first attack was detected in Poland by Wallarm researchers, even before a Proof-of-Concept (PoC) was made public. After the PoC was released on March 13 on GitHub and…
-
Photoshop FOSS alternative GIMP wakes up from 7-year coma with version 3.0
in SecurityNews
Tags: open-source
Meanwhile, open source video codec Ogg Theora stirs in its crypt.
First seen on theregister.com. Jump to article: www.theregister.com/2025/03/20/gimp_3_and_photogimp/
-
JumpServer Flaws Allow Attackers to Bypass Authentication and Gain Full Control
in SecurityNews
JumpServer, a widely used open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has been found to have critical security vulnerabilities. These flaws, recently highlighted by SonarSource’s vulnerability research team, allow attackers to bypass authentication and potentially gain full control over the JumpServer infrastructure. JumpServer acts as a centralized gateway to internal networks, offering features…
-
Coinbase originally targeted during GitHub Action supply chain attack
in SecurityNews
Researchers from Palo Alto Networks said the hackers likely planned to leverage an open source project of the company for additional attacks.
First seen on cybersecuritydive.com. Jump to article: www.cybersecuritydive.com/news/coinbase-targeted-github-action-attack/743186/
-
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
in SecurityNews
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. “UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim…
-
Over 150 US Government Database Servers Vulnerable to Internet Exposure
in SecurityNews
A recent open-source investigation has uncovered one of the largest exposures of US government data to cyber threats. More than 150 government database servers are currently exposed to the internet, leaving sensitive personal and national security information at an unprecedented risk of cyberattacks. The Scope of the Problem: The investigation, conducted using data from Shodan,…